baoyu-translate
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local TypeScript scripts (
scripts/main.tsandscripts/chunk.ts) using thebunruntime to perform markdown processing and chunking. This involves local file system access to read source documents and write translated segments. - [EXTERNAL_DOWNLOADS]: The workflow involves fetching content from user-provided URLs to materialize them into local markdown files for translation.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted content from external files, URLs, and text inputs.
- Ingestion points: Source content is ingested from file paths, external URLs, or inline text as described in the materialization step of the workflow.
- Boundary markers: The prompt templates provided in
references/subagent-prompt-template.mddo not utilize explicit delimiters or 'ignore' instructions for the source content being translated. - Capability inventory: The skill can execute shell commands via
bun, write files to the project and user home directories, and perform network requests to fetch source material. - Sanitization: No sanitization or validation of the input content is performed before it is analyzed or translated by the LLM.
Audit Metadata